Anthropic's AI finds zero-days in everything. I pushed every surface.

Anthropic just released something that changes the security conversation for every builder alive. Claude Mythos Preview finds and exploits zero-day vulnerabilities in every major operating system and every major web browser. Autonomously. A 27-year-old OpenBSD bug. A 16-year-old FFmpeg flaw that survived every fuzzer ever pointed at it. Full remote root on FreeBSD through NFS. They're sitting on thousands of unpatched critical vulnerabilities and launched Project Glasswing, a $100M coalition with AWS, Apple, Microsoft, Google, and the Linux Foundation to patch the world before models like this become widely available. Meanwhile Z.AI shipped GLM-5.1, a 754B open-weight model under MIT that just took SOTA on SWE-Bench Pro and can sustain 8 hours of autonomous execution. JetBrains connected Junie CLI directly into IDE code intelligence. And Anthropic quietly acquired a biotech startup for $400M. In the last session I ran 18 agent sessions simultaneously. 455 events across Claude Code, Codex, and Letta. The work was not about any one surface. It was about all of them at once. Desktop got its first real prod build. The terminal pane got a dedicated resilience sprint because I want to actually use this thing every day, not just demo it. Mobile got activated with Sprint Mode for the first time. The quick app got completely rethought around real AI value instead of being another utility. Git pane got pushed on spacing, fonts, and interaction patterns. That is the actual tension right now. The product has to move on all surfaces simultaneously because users don't experience one surface at a time. They experience the whole thing. A desktop that works but a terminal that crashes is not a product. A mobile app that pairs but can't find the desktop is not a product. Every surface has to clear the bar together. I course-corrected agents constantly. They kept pushing features when what I needed was resilience. "I do not have a staging why you keep saying that." Worktrees appeared in the codebase and got banned. DEVOPS_MODE.md was created so deployment knowledge stops evaporating between sessions. The prod build opened OAuth inside the app instead of the external browser. Small things that add up to the difference between a prototype and something you actually use. This is an 8-10 hour live building session. AI radio in the background. Co-working friendly. If you build software and you're trying to figure out how one person pushes a desktop app, a mobile companion, a terminal runtime, and an AI quick-launcher forward at the same time with AI agents, this is the room. sources (coding tools + benchmarks): https://red.anthropic.com/2026/mythos-preview/ https://www.anthropic.com/glasswing https://www.marktechpost.com/2026/04/08/z-ai-introduces-glm-5-1-an-open-weight-754b-agentic-model-that-achieves-sota-on-swe-bench-pro-and-sustains-8-hour-autonomous-execution/ https://blog.jetbrains.com/junie/2026/04/junie-cli-inside-your-jb-ide/ https://blog.jetbrains.com/ai/2026/04/using-acp-deep-agents-to-demystify-modern-software-engineering/ sources (today's news, April 8): https://techcrunch.com/2026/04/07/anthropic-mythos-ai-model-preview-security/ https://www.helpnetsecurity.com/2026/04/08/anthropic-claude-mythos-preview-identify-vulnerabilities/ https://dataconomy.com/2026/04/08/anthropic-launches-project-glasswing-to-combat-ai-driven-cyber-threats/ https://www.bloomberg.com/news/articles/2026-04-06/broadcom-confirms-deal-to-ship-google-tpu-chips-to-anthropic https://pharma.economictimes.indiatimes.com/news/mergers-and-acquisitions/anthropic-acquires-coefficient-bio-for-nearly-400-million-report/130100259 https://startuprise.io/trent-ai-raises-13m-in-seed-funding/ https://siliconangle.com/2026/04/07/grafanaghost-vulnerability-grafana-allowed-silent-data-exfiltration-ai-workflows/